fred.boniface/OwlBoard
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects 1 Releases Wiki Activity

Fix ldb lookup and add sanitization

Browse Source
This commit is contained in:
Fred Boniface 2023-01-11 21:03:04 +00:00
parent 2d3abdc84c
commit 68576d8869
6 changed files with 70 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
package-lock.json generated
View File

@ -13,7 +13,8 @@
"express": "^4.18.2", "express": "^4.18.2",
"ldbs-json": "^1.2.1", "ldbs-json": "^1.2.1",
"mongodb": "^4.13.0", "mongodb": "^4.13.0",
"node-gzip": "^1.1.2" "node-gzip": "^1.1.2",
"string-sanitizer-fix": "^2.0.1"
} }
}, },
"node_modules/@aws-crypto/ie11-detection": { "node_modules/@aws-crypto/ie11-detection": {
@ -1979,6 +1980,11 @@
"node": ">= 0.8" "node": ">= 0.8"
} }
}, },
"node_modules/string-sanitizer-fix": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/string-sanitizer-fix/-/string-sanitizer-fix-2.0.1.tgz",
"integrity": "sha512-I5RSqL5vDfKnoAbpFP2mU0QAh7Gc1KoeIg02N+5+NBfDB/MiSddgNNXfmWND7+BBwy3zub6s/ZWRbZICZKUA0g=="
},
"node_modules/strnum": { "node_modules/strnum": {
"version": "1.0.5", "version": "1.0.5",
"resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz",
@ -3635,6 +3641,11 @@
"resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
"integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==" "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
}, },
"string-sanitizer-fix": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/string-sanitizer-fix/-/string-sanitizer-fix-2.0.1.tgz",
"integrity": "sha512-I5RSqL5vDfKnoAbpFP2mU0QAh7Gc1KoeIg02N+5+NBfDB/MiSddgNNXfmWND7+BBwy3zub6s/ZWRbZICZKUA0g=="
},
"strnum": { "strnum": {
"version": "1.0.5", "version": "1.0.5",
"resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz",

3
package.json
View File

@ -4,7 +4,8 @@
"express": "^4.18.2", "express": "^4.18.2",
"ldbs-json": "^1.2.1", "ldbs-json": "^1.2.1",
"mongodb": "^4.13.0", "mongodb": "^4.13.0",
"node-gzip": "^1.1.2" "node-gzip": "^1.1.2",
"string-sanitizer-fix": "^2.0.1"
}, },
"name": "owlboard", "name": "owlboard",
"description": "OwlBoard is an API and PWA for live rail departure board in the UK.", "description": "OwlBoard is an API and PWA for live rail departure board in the UK.",

2
src/services/dbAccess.services.js
View File

@ -75,9 +75,11 @@ async function updateMeta(type, target, unixTime){
async function query(collection, query){ async function query(collection, query){
await client.connect(); await client.connect();
log.out(`dbAccess.query: Connecting to collection: '${collection}'`)
var qcoll = db.collection(collection); var qcoll = db.collection(collection);
var qcursor = qcoll.find(query) var qcursor = qcoll.find(query)
qcursor.project({_id: 0}) qcursor.project({_id: 0})
log.out(`dbAccess.query: Running Query: ${JSON.stringify(query)}`)
var qresult = await qcursor.toArray(); var qresult = await qcursor.toArray();
return qresult; return qresult;
} }

30
src/services/ldb.services.js
View File

@ -10,26 +10,28 @@
const log = require('../utils/log.utils'); // Log Helper const log = require('../utils/log.utils'); // Log Helper
const ldb = require('ldbs-json') const ldb = require('ldbs-json')
const util = require('../utils/ldb.utils') const util = require('../utils/ldb.utils')
const san = require('../utils/sanitizer.utils')
const ldbKey = process.env.OWL_LDB_KEY const ldbKey = process.env.OWL_LDB_KEY
const ldbsvKey = process.env.OWL_LDB_SVKEY const ldbsvKey = process.env.OWL_LDB_SVKEY
async function get(body, id){ async function get(body, id){
// Read request body for information on request var cleanId = san.cleanApiEndpoint(id);
// Check whether input is CRS or TIPLOC with util.checkInput(input) var obj = await util.checkCrs(cleanId);
// if TIPLOC then convert to CRS, try {
// then check whether staff is true or false, var crs = obj[0]['3ALPHA'];
// then call the correct function and log.out(`ldbService.get: Determined CRS for lookup to be: ${crs}`);
// return that output to calling function var data = await arrDepBoard(crs);
// for now, just call arrDepBoard(CRS) with the id from the url directly used - UNSAFE } catch (err) {
var output = await arrDepBoard(id) log.out(`ldbService.get: Error, Unable to find CRS: ${err}`)
return output var data = {ERROR:'NOT_FOUND',description:'The entered station was not found. Please check and try again.'};
}
return data;
} }
async function arrDepBoard(CRS){ async function arrDepBoard(CRS){
var valid = await util.checkCrs(CRS) log.out(`ldbService.arrDepBoard: Trying to fetch ArrDep Board for ${CRS}`)
log.out(`ldbService.arrDepBoard: Fetching ArrDep Board for ${CRS}`) try {
if (valid != false){
var options = { var options = {
numRows: 10, numRows: 10,
crs: CRS.toUpperCase() crs: CRS.toUpperCase()
@ -37,8 +39,8 @@ async function arrDepBoard(CRS){
var api = new ldb(ldbKey,false) var api = new ldb(ldbKey,false)
var reply = await api.call("GetArrDepBoardWithDetails",options) var reply = await api.call("GetArrDepBoardWithDetails",options)
return reply return reply
} else if (valid == false) { } catch (err) {
log.out(`ldbService.arrDepBoard: Invalid 3ALPHA for lookup: ${CRS}`) log.out(`ldbService.arrDepBoard: Lookup Failed for: ${CRS}`)
return {GetStationBoardResult: "not available", Reason: `The CRS code ${CRS} is not valid`, Why: `Sometimes a station will have more than one CRS - for example Filton Abbey Wood has FIT and FAW however schedules are only available when looking up with FIT - this is how the National Rail Enquiries systems work.`}; return {GetStationBoardResult: "not available", Reason: `The CRS code ${CRS} is not valid`, Why: `Sometimes a station will have more than one CRS - for example Filton Abbey Wood has FIT and FAW however schedules are only available when looking up with FIT - this is how the National Rail Enquiries systems work.`};
} }
}; };

21
src/utils/ldb.utils.js
View File

@ -1,18 +1,15 @@
const log = require('../utils/log.utils'); // Log Helper const log = require('../utils/log.utils'); // Log Helper
const db = require('../services/dbAccess.services') // DB Access
async function checkCrs(input){ async function checkCrs(input){
// Check whether CRS is valid var INPUT = input.toUpperCase()
// if not, try to get tiploc log.out(`ldbUtils.checkCrs: Building database query to find: '${INPUT}'`)
// Until implemented always return true var query = {'$or':[{'3ALPHA':INPUT},{'TIPLOC':INPUT},{'STANOX':INPUT}]};
return true var result = await db.query("stations", query)
} log.out(`ldbUtils.checkCrs: Query results: ${JSON.stringify(result)}`)
return result
async function convertTiploc(input){
// Convert TIPLOC to CRS with DBLookup
return input
} }
module.exports = { module.exports = {
checkCrs, checkCrs
convertTiploc
} }

29
src/utils/sanitizer.utils.js Normal file
View File

@ -0,0 +1,29 @@
const clean = require('string-sanitizer-fix');
const log = require('../utils/log.utils');
/*
string.sanitize("a.bc@d efg#h"); // abcdefgh
string.sanitize.keepSpace("a.bc@d efg#h"); // abcd efgh
string.sanitize.keepUnicode("a.bc@d efg#hক"); // abcd efghক
string.sanitize.addFullstop("a.bc@d efg#h"); // abcd.efgh
string.sanitize.addUnderscore("a.bc@d efg#h"); // abcd_efgh
string.sanitize.addDash("a.bc@d efg#h"); // abcd-efgh
string.sanitize.removeNumber("@abcd efgh123"); // abcdefgh
string.sanitize.keepNumber("@abcd efgh123"); // abcdefgh123
string.addFullstop("abcd efgh"); // abcd.efgh
string.addUnderscore("@abcd efgh"); // @abcd_efgh
string.addDash("@abcd efgh"); // @abcd-efgh
string.removeSpace("@abcd efgh"); // @abcdefgh
*/
function cleanApiEndpoint(input) {
var output = clean.sanitize(input)
if (output != input){
log.out(`sanitizerUtils.cleanApiEndpoint: WARN: Sanitizing changed string. Input = ${input}`);
}
return output
}
module.exports = {
cleanApiEndpoint
}